Alternatives and similar repositories for pan-cortex-data-lake-python

Users that are interested in pan-cortex-data-lake-python are comparing it to the libraries listed below

• PaloAltoNetworks / Splunk-Apps
  Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint sec…
  ☆108Updated 11 months ago
• PaloAltoNetworks / minemeld-core
  Engine of MineMeld
  ☆140Updated 2 years ago
• PaloAltoNetworks / minemeld-ansible
  Ansible playbook for installing MineMeld on Linux
  ☆48Updated 4 years ago
• opendns / investigate-examples
  Coding examples for the OpenDNS Investigate API
  ☆24Updated 5 years ago
• carbonblack / cb-event-forwarder
  Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.
  ☆73Updated last year
• PaloAltoNetworks / Splunk_TA_paloalto
  The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Network…
  ☆21Updated 5 years ago
• PaloAltoNetworks / minemeld-node-prototypes
  Prototypes for MineMeld nodes
  ☆39Updated 3 years ago
• opendns / pyinvestigate
  Python module to interface with the OpenDNS Investigate API
  ☆63Updated 3 years ago
• att / docker-forensics
  Tools to assist in forensicating docker
  ☆84Updated 6 months ago
• PaloAltoNetworks / minemeld-misp
  MineMeld nodes for MISP
  ☆19Updated last year
• ExtraHop / code-examples
  ExtraHop public code examples
  ☆38Updated 10 months ago
• vmware-archive / cb-reporting
  Report Generation from the Carbon Black REST API
  ☆15Updated 3 years ago
• zeek / zeek-docs
  Documentation for Zeek
  ☆50Updated last week
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆56Updated 3 years ago
• sophos / solarwinds-threathunt
  Threathunt details for the Solarwinds compromise
  ☆33Updated 4 years ago
• PaloAltoNetworks / minemeld-webui
  WebUI of MineMeld
  ☆43Updated 2 years ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆54Updated this week
• rapid7 / insightconnect-plugins
  Plugin source code for the InsightConnect SOAR product, developer documentation at https://docs.rapid7.com/insightconnect/getting-started
  ☆66Updated last week
• target / huntlib
  A Python library to help with some common threat hunting data analysis operations
  ☆143Updated 2 years ago
• MISP / best-practices-in-threat-intelligence
  Best practices in threat intelligence
  ☆48Updated 2 years ago
• harvard-itsecurity / qradar-seculert-push
  Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!
  ☆18Updated 11 years ago
• Foundstone / InvestigationPlaybookSpec
  InvestigationPlaybookSpec
  ☆72Updated 8 years ago
• nsacyber / Splunk-Assessment-of-Mitigation-Implementations
  Automatically scores how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber
  ☆76Updated 9 years ago
• olafhartong / parsoalto
  Palo Alto Networks Rule Parser
  ☆16Updated 9 years ago
• OTRF / notebooks-forge
  A collection of notebooks built for defensive and offensive operations.
  ☆77Updated 4 years ago
• joelwking / Phantom-Cyber
  Apps for Splunk Phantom security automation | Cisco Meraki | Ansible Tower | F5 | A10
  ☆24Updated 5 years ago
• oasis-open / cti-stix-elevator
  OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON
  ☆52Updated last year
• PUNCH-Cyber / stoq-plugins-public
  stoQ Public Plugins
  ☆71Updated 2 years ago
• rocknsm / docket
  A RESTful API frontend for Stenographer
  ☆54Updated 2 years ago
• usnistgov / sctools
  Tools for security content automation, baseline tailoring, and overlay development.
  ☆44Updated last year